/*
 * To change this license header, choose License Headers in Project Properties.
 * To change this template file, choose Tools | Templates
 * and open the template in the editor.
 */
package servlet;

import codeJava.MySQLCli;
import java.io.IOException;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.servlet.RequestDispatcher;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

/**
 *
 * @author Damien
 */
public class Auth extends HttpServlet {

    protected void processRequest(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException, SQLException {

        MySQLCli mysqlCli = new MySQLCli();
        ResultSet res;
        RequestDispatcher dispat;
        boolean ipExist = false;
        boolean userExist = false;
        boolean ipTmpExist = false;
        String username = request.getParameter("user");
        String password = request.getParameter("password");
        String role = "0";
        HttpSession session = request.getSession(true);

        if (mysqlCli.connect()) {
            res = mysqlCli.exec("SELECT login,password,role FROM utilisateurs WHERE login = '" + username + "' AND password = '" + password + "';");
            if (res.next()) {
                role = res.getString("role");
                userExist = true;
            }
            res = mysqlCli.exec("SELECT adresse FROM adresses;");
            while (res.next()) {
                if (res.getString("adresse").equals(request.getRemoteAddr())) {
                    ipExist = true;
                }
            }
            res.close();
            mysqlCli.close();
        }
        if (userExist && role.equals("Admin")) {
            session.setAttribute("auth", role);
            dispat = request.getRequestDispatcher("/WEB-INF/admin.jsp");
            dispat.forward(request, response);
        } else {
            if (userExist && ipExist && role.equals("User")) {
                dispat = request.getRequestDispatcher("/WEB-INF/user.jsp");
                dispat.forward(request, response);
            } else {
                if (mysqlCli.connect()) {
                    res = mysqlCli.exec("SELECT adresse FROM adressestmp;");
                    while (res.next()) {
                        if (res.getString("adresse").equals(request.getRemoteAddr())) {
                            ipTmpExist = true;
                        }
                    }
                    res.close();
                    mysqlCli.close();
                }
                if (mysqlCli.connect() && !ipTmpExist) {
                    mysqlCli.update("INSERT INTO adressestmp(id,adresse) VALUES (NULL,'" + request.getRemoteAddr() + "');");
                    mysqlCli.close();
                }
                dispat = request.getRequestDispatcher("/WEB-INF/errorpage.jsp");
                dispat.forward(request, response);
            }
        }
    }

    /**
     * Handles the HTTP <code>GET</code> method.
     *
     * @param request servlet request
     * @param response servlet response
     * @throws ServletException if a servlet-specific error occurs
     * @throws IOException if an I/O error occurs
     */
    protected void doGet(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        try {
            processRequest(request, response);
        } catch (SQLException ex) {
            Logger.getLogger(Auth.class.getName()).log(Level.SEVERE, null, ex);
        }
    }

    /**
     * Handles the HTTP <code>POST</code> method.
     *
     * @param request servlet request
     * @param response servlet response
     * @throws ServletException if a servlet-specific error occurs
     * @throws IOException if an I/O error occurs
     */
    @Override
    protected void doPost(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        try {
            processRequest(request, response);
        } catch (SQLException ex) {
            Logger.getLogger(Auth.class.getName()).log(Level.SEVERE, null, ex);
        }

    }

    /**
     * Returns a short description of the servlet.
     *
     * @return a String containing servlet description
     */
    @Override
    public String getServletInfo() {
        return "Short description";
    }// </editor-fold>

}
